📦

cveclient

Vendor: cmu

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.01% Exploit Prob.

Latest CVE CVE-2026-35467 Apr 02

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2026-35467

The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.

EPSS: 0.01%

Severity: HIGH

Apr 02, 2026

6.1 CVSS

CVE-2026-35466

XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services

EPSS: 0.01%

Severity: MEDIUM

Apr 02, 2026

Displaying 2 of 2 Total Entries

Total 1 Sections